B112: Test for a continue in the except block¶
Errors in Python code bases are typically communicated using
An exception object is ‘raised’ in the event of an error and can be ‘caught’ at
a later point in the program, typically some error handling or logging action
will then be performed.
However, it is possible to catch an exception and silently ignore it while in a loop. This is illustrated with the following example
while keep_going: try: do_some_stuff() except Exception: continue
This pattern is considered bad practice in general, but also represents a potential security issue. A larger than normal volume of errors from a service can indicate an attempt is being made to disrupt or interfere with it. Thus errors should, at the very least, be logged.
There are rare situations where it is desirable to suppress errors, but this is
typically done with specific exception types, rather than the base Exception
class (or no type). To accommodate this, the test may be configured to ignore
‘try, except, continue’ where the exception is typed. For example, the
following would not generate a warning if the configuration option
checked_typed_exception is set to False:
while keep_going: try: do_some_stuff() except ZeroDivisionError: continue
try_except_continue: check_typed_exception: True
>> Issue: Try, Except, Continue detected. Severity: Low Confidence: High CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) Location: ./examples/try_except_continue.py:5 4 a = i 5 except: 6 continue
New in version 1.0.0.
Changed in version 1.7.3: CWE information added